Executive Summary
First identified in 2018, 'Ryuk' is a known malware often dropped on a system by other malware, most notably TrickBot and Bazaarloader by using a Spear Phishing lure or other systems access gains via Remote Desktop Services. Ryuk demands payment via Bitcoin cryptocurrency and directs victims to deposit the ransom in a specific Bitcoin wallet.
Cyberint is an Israel-based cybersecurity platform that offers solutions such as threat analysis and phishing detection for industries such as retail, finance and healthcare.